artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0345af1)
Older AMD CPUs that do not support IBRS need an lfence after ret
authorbluhm <bluhm@openbsd.org>
Wed, 1 Sep 2021 09:50:21 +0000 (09:50 +0000)
committerbluhm <bluhm@openbsd.org>
Wed, 1 Sep 2021 09:50:21 +0000 (09:50 +0000)
to stop speculation.  This seems to be necessary when the branch
predictor hits the ret for the first time.  In their white paper
to mitigate speculation attacks, AMD's retpoline example has an
explicit lfence.  Adjust our retpoline assembly macro in the kernel.
OK guenther@ mortimer@ deraadt@

sys/arch/amd64/include/asm.h patch | blob | history

diff --git a/sys/arch/amd64/include/asm.h b/sys/arch/amd64/include/asm.h
index 8097186..fc57554 100644 (file)
--- a/sys/arch/amd64/include/asm.h
+++ b/sys/arch/amd64/include/asm.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: asm.h,v 1.18 2019/04/02 03:35:08 mortimer Exp $       */
+/*     $OpenBSD: asm.h,v 1.19 2021/09/01 09:50:21 bluhm Exp $  */
 /*     $NetBSD: asm.h,v 1.2 2003/05/02 18:05:47 yamt Exp $     */
 
 /*-
@@ -193,6 +193,7 @@
                jmp     68b             ; \
                _ALIGN_TRAPS            ; \
        69:     mov     %reg,(%rsp)     ; \
-               ret
+               ret                     ; \
+               lfence
 
 #endif /* !_MACHINE_ASM_H_ */
OpenBSD src
by Ahmet Artu Yildirim